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DETAILED ACTION 

1. This communication is in response to applicant's response received on 
12/26/2006. 

2. Claims 1,13, and 22-25 are amended. 

Response to Arguments 

Applicants' arguments have been fully considered but they are not persuasive. 

1 . Applicants on page 8, lines 3-9 of the remarks argue that "The Windows 
NT operation described by Hadfield uses a database access that requires more than 
one operation Hadfield uses centralized information stored in an account database 
when the user is attempting to log on to a Windows NT Server, as relevant here, the 
account name and password are compared with the domain's account database. If the 
server is a memberof a trusting domain, the user also is given the option of 
authenticating against the trusted domain's account database " Hadfield at page 168, at 
lines 12-15." 

The examiner respectfully disagrees and asserts that Hadfield discloses (see, for 
example, page 168, lines 1 1-26) a log on operation to a Windows NT. The user supplies a 
name and a password and the Windows NT verifies them against an account database. 
The Windows NT provides options to the user to either log on to a domain (i.e., user is a 
member of some groups) or just to log on to the workstation alone. In either option the 
user only supplies a name and a password once and the Windows NT performs 
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verification of the user identity only one time (i.e., in a single operation) against the local 
account database (the account database is either for the workstation alone or for both 
workstation and a domain). Hadfield further discloses that a cryptographic operation is 
used to authenticate a user (see, for example, page 170, paragraphs 1-4). 

2. The examiner, however, in light of the above submission maintains the 
previous rejections while considering the amendments to the claims 1,13, and 22-25 as 
follows: 

Claim Rejections - 35 USC § 102 

The following is a quotation of the appropriate paragraphs of 35 U.S.C. 1 02 that 
form the basis for the rejections under this section made in this Office action: 
A person shall be entitled to a patent unless - 

(b) the invention was patented or described in a printed publication in this or a foreign country or in public 
use or on sale in this country, more than one year prior to the date of application for patent in the United 
States. 

Claims 1-3, 6, 9-15 and 19-25 are rejected under 35 U.S.C. 102(b) as being 
anticipated by "Windows NT Server 4 Security Handbook" by Lee Hadfield, Dave 
Hatter, Dave Bixler, 1997 (hereinafter Hadfield). 

Regarding claims 1,13 and 22-25, Hadfield discloses: 

computationally verifying an identity of said user (see, for example, page 80, 
paragraph 4; page 81, paragraphs 2 and 3; pages 168-169; pages 350-351; page 432, 
paragraph 5); and 
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computationally verifying a membership of said user with said one or more 
groups (see, for example, page 80, paragraph 4 and 5; page 83, -paragraphs 3 and 4 
pages 168-169; page 174, last paragraph), 

wherein said verifying computations are performed substantially simultaneously 
using a single cryptographic operation and user information stored in a computer file 
that is local to said user (see, for example, page 81, paragraphs 4-6, where a user's 
identity and its membership to any group is authenticated with a single log-on process 
that is functionally equivalent to the recited verifying computations are performed 
substantially simultaneously and see, for example, page 79, lines 24-31; page 168, lines 
11-26; page 170, paragraphs 1-4, where indicated that a cryptographic operation is 
used; page 175, lines 14-15 and lines 19-21, where the user validation information are 
contained in a local database for logging on locally). 

Regarding claims 2 and 14, Hadfield discloses: 

further comprising the step of registering said user with at least one of said one 
or more groups (see, for example, page 29; page 1 01 ; page 1 1 0; page 275, last 
paragraph; page 281, paragraph 4, where setting up and creating a user account and 
user groups corresponds to the recited registering a user.. .with a group(s)). 

Regarding claims 3 and 15, Hadfield discloses: 

wherein said registering step further comprises the step of said user and said at 
least one of said one or more groups exchanging a respective identifier (see, for 
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example, page 29, paragraphs 3 and 4; page 102, paragraph 2; page 110; page 432, 
paragraph 5, where a password that correspond to the recited identifier is used to grant 
membership to a user a to a group). 

Regarding claim 6, Hadfield discloses: 

wherein said registering step further comprises the step of creating a registration 
identifier (see, for example, page 29; page 101; page 110; page 275, last paragraph; 
page 281 , paragraph 4, where during the process of creating a user account and user 
groups, user/group ID or password that correspond to the recited registration identifier is 
created and assigned to a particular user or group). 

Regarding claims 9 and 19, Hadfield discloses: 

wherein said verifying computations are performed jn a single operation based 
on the El Gamal public key algorithm (see, for example, page 170, paragraphs 1-4, 
where RSA encryption algorithm is employed for authentication process which is 
functionally equivalent to El Gamal public key algorithm and it is a matter of 
implementation). 

Regarding claims 10 and 20, Hadfield discloses: 

wherein said user information is stored on a smart card that provides tamper- 
resistant features (see, for example, page 81 , paragraphs 2 and 3). 
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Regarding claims 11 and 21, Hadfield discloses: 

wherein said user information is stored in a memory of a computer (see, for 
example, page 33, paragraph 4; page 68, last paragraph; page 226, last 2 paragraphs; 
page 102, Fig. 4.1, where upon clicking Add button, the user information are saved on a 
disk or hard drive that represent a memory). 

Regarding claim 12, Hadfield discloses: 

wherein a user that satisfies said verifying computations is allowed to access a 
plurality of groups (see, for example, page 28, paragraph 2; page 29, paragraph 4; page 
81, paragraph 4; page 110, paragraph 3; pages 112-113, where it demonstrate that an 
authenticated user has the same rights and permissions of the groups that the user has 
membership which corresponds to the recited user... allowed to access a plurality of 
groups). 

Allowable Subject Matter 

Claims 4, 5, 7, 8 and 16-18 are objected to as being dependent upon a rejected 
base claim, but would be allowable if rewritten in independent form including all of the 
limitations of the base claim and any intervening claims. 

Conclusion 

The prior art made of record and not relied upon is considered pertinent to 
applicant's disclosure. 
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US Patent No. 6853988 B1 to Dickinson et al. 

THIS ACTION IS MADE FINAL Applicant is reminded of the extension of time 
policy as set forth in 37 CFR 1 . 1 36(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within 
TWO MONTHS of the mailing date of this final action and the advisory action is not 
mailed until after the end of the THREE-MONTH shortened statutory period, then the 
shortened statutory period will expire on the date the advisory action is mailed, and any 
extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of 
the advisory action. In no event, however, will the statutory period for reply expire later 
than SIX MONTHS from the mailing date of this final action. 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Abdulhakim Nobahar whose telephone number is 571- 
272-3808. The examiner can normally be reached on M-T 8-6. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Gilberto Barron can be reached on 571-272-3799. The fax phone number 
for the organization where this application or proceeding is assigned is 571-273-8300. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
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you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a 
USPTO Customer Service Representative or access to the automated information 
system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 
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Examiner 
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